Your network contains two Active Directory forests named contoso.com and adatum.com. All of the domain
controllers in both of the forests run Windows Server 2012 R2. The adatum.com domain contains a file server
named Servers.
Adatum.com has a one-way forest trust to contoso.com.
A contoso.com user name User10 attempts to access a shared folder on Servers and receives the error
message shown in the exhibit. (Click the Exhibit button.)
You verify that the Authenticated Users group has Read permissions to the Data folder.
You need to ensure that User10 can read the contents of the Data folder on Server5 in the adatum.com
domain.
What should you do?
A.
Grant the Other Organization group Read permissions to the Data folder.
B.
Modify the list of logon workstations of the contoso\\User10 user account.
C.
Enable the Netlogon Service (NP-In) firewall rule on Server5.
D.
Modify the permissions on the Server5 computer object in Active Directory.
Explanation:
To resolve the issue, I had to open up AD Users and Computers –> enable Advanced Features –> Select the
Computer Object –> Properties –> Security –> Add the Group I want to allow access to the computer (in this
case, DomainA\\Domain users) and allow “Allowed to Authenticate”. Once I did that, everything worked:
http://technet.microsoft.com/en-us/library/cc816733(v=ws.10).aspx